On 2016-06-27 07:48, Valentine Sinitsyn wrote: > Hi all, > > On 23.06.2016 17:34, Valentine Sinitsyn wrote: > [..] >>>>>>> So you will have one forward table per cell in order to achieve >>>>>>> partitioning? That may work... In Intel, there is a single table for >>>>>>> them all, and source matching is used for partitioning. >>>>>> Why do we need a forward table per cell? It's indexed with device_id, >>>>>> which doesn't change, and the device is assigned to one cell at time. >>>>>> Looks like one table should also work, or am I missing something? >>>>> >>>>> If all device tables would point to the same interrupt table, all >>>>> devices could inject interrupts via any entry in that table, no? >>>>> Therefore you need per-cell tables to achieve at least cell-based >>>>> partitioning. >>>> I also worried about this. However, iommu_map_interrupt() decides which >>>> index will be programmed into an MSI/IOAPIC reg. >>> >>> Those registers aren't trustworthy, plus any DMA request of the device >> Yes, I was under impression they are. OK, makes sense now, thanks. > Shall we trust bdfs devices send us then? If not (i.e. we assume devices > can send messages with arbitrary ids), we need to silence all IRTEs > (IV=1, IntCtl=0) except those having device assigned in the config.
Devices cannot fake their origin. Thus, their association with a device table entry is trustworthy, also on AMD - the whole IOMMU concept builds on top of this. Jan -- Siemens AG, Corporate Technology, CT RDA ITP SES-DE Corporate Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
